V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2020-3900
DEB
High

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS …

CVSS
8.8
High
EPSS
0.02
p76
Published
2020-01-01
Updated
2020-01-01
Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.

Tags · CWE
RCEPre-auth
CWE-787
Affected products
QtwebkitQtwebkitQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-sourceQtwebkit-sourceQtwebkit-sourceWebkit2gtkWebkit2gtk
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2020-01-01
Published
2020-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.019 · p76
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Webkit2gtkWpewebkit
Canonical
WebkitgtkQtwebkit-sourceQtwebkit-opensource-srcWebkit2gtkQtwebkit
Red Hat
Webkit2gtk3Webkitgtk4
Apple
Iphone OsTvosWatchosSafariItunesIcloudIpad Os
ProductVendorStatus
qtwebkitTracked
qtwebkitTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-sourceTracked
qtwebkit-sourceTracked
qtwebkit-sourceTracked
webkit2gtkTracked
webkit2gtkTracked
Showing first 20 of 46
Source databases
DEB
CVE
RED
UBU
Related vulnerabilities
BDU:2020-01642